package org.smart4j.chapter.security;

import org.smart4j.chapter.helper.DatabaseHelper;
import org.smart4j.plugin.security.SmartSecurity;

import java.util.Set;

/**
 * 应用安全控制
 *
 * Created by chinalin on 2017/3/30.
 */
public class AppSecurity implements SmartSecurity{
    public String getPassword(String username) {
        String sql = "SELECT password FROM user WHERE username = ?";
        return DatabaseHelper.query(sql,username);
    }

    public Set<String> getRoleNameSet(String username) {
        String sql = "SELECT r.role_name FROM user u,user_role ur,role r WHERE u.id = ur.user_id AND " +
                "r.id = ur.role_id AND u.username = ?";
        return DatabaseHelper.querySet(sql,username);
    }

    public Set<String> getPermissionNameSet(String roleName) {
        String sql = "SELECT p.permission_name FROM role r,role_permission rp,permission p " +
                "WHERE r.id = rp.role_id AND rp.permission_id = p.id AND r.role_name = ?";
        return DatabaseHelper.querySet(sql,roleName);
    }
}
